Skip to content

Support per-cluster Incus client configuration #16

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Support per-cluster Incus client configuration #16

wants to merge 1 commit into from

Conversation

tsuzu
Copy link
Contributor

@tsuzu tsuzu commented Jul 20, 2025

Summary

  • Add support for configuring Incus client per cluster resource
  • Replace single global Incus client with per-cluster client factory
  • Enable multi-cluster/multi-project support

Changes

  • New ClientFactory: Creates Incus clients based on cluster configuration
  • Updated Controller: Uses ClientFactory to get appropriate client for each cluster
  • Per-cluster Config: Each IncusCluster can specify its own endpoint, project, and credentials
  • Secret Integration: Reads TLS certificates and connection options from Kubernetes secrets

Technical Details

  • pkg/incus/client_factory.go: New factory interface and implementation
  • IncusMachineReconciler: Updated to use factory instead of single client
  • main.go: Removed global Incus connection setup
  • Secret format supports: tls-ca, tls-client-cert, tls-client-key, insecure-skip-verify

Test Plan

  • Code compiles successfully
  • CI tests pass
  • Integration tests with multiple Incus servers
  • Verify secret-based authentication works

This enables the provider to manage machines across multiple Incus servers and projects simultaneously.

@tsuzu
Support per-cluster Incus client configuration
b5eda35 
- Add ClientFactory interface to create per-cluster Incus clients
- Update IncusMachineReconciler to use ClientFactory instead of single client
- Read connection configuration from cluster's secret reference
- Support TLS certificates, CA, and insecure skip verify options
- Handle project configuration from cluster spec
- Clean up unused global Incus connection code in main.go

Each IncusCluster can now specify its own Incus endpoint, project, and
credentials, allowing the provider to manage machines across multiple
Incus servers and projects.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@tsuzu